Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Is this 'phishing'?

  • 17-11-2009 2:05pm
    #1
    Registered Users, Registered Users 2 Posts: 4,264 ✭✭✭


    Ok I'm not sure If I have this in the right place so feel free to move it!

    I got this e-mail today:

    We are contacting you in regards to an unusual activity that was identified in your mailbox. As a result, your mailbox has been deactivated. To restore your mailbox, you are required to extract and run the attached mailbox utility.

    Best regards, (e-mail service provider's name) technical support.

    I didn't open the attachment. I suspect it's 'phishing'. What do you think?


Comments

  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    Sounds like a virus


  • Moderators, Computer Games Moderators, Technology & Internet Moderators, Help & Feedback Category Moderators Posts: 25,751 CMod ✭✭✭✭Spear


    mood wrote: »
    Ok I'm not sure If I have this in the right place so feel free to move it!

    I got this e-mail today:

    We are contacting you in regards to an unusual activity that was identified in your mailbox. As a result, your mailbox has been deactivated. To restore your mailbox, you are required to extract and run the attached mailbox utility.

    Best regards, (e-mail service provider's name) technical support.

    I didn't open the attachment. I suspect it's 'phishing'. What do you think?

    Sounds more like a worm/trojan if it's pushing an executable attachment.


  • Moderators, Motoring & Transport Moderators Posts: 11,744 Mod ✭✭✭✭devnull


    It's phishing for sure, and also includes an attachment which has a trojan in.

    Delete it


  • Banned (with Prison Access) Posts: 34,567 ✭✭✭✭Biggins


    Wouldn't touch it with a barge pole.
    Delete it. Its false.

    ...besides - think about it.
    How did you get your email if your email box has been deactivated! LOL
    Spam rubbish. The sad part is that some will fall for it.


  • Registered Users, Registered Users 2 Posts: 4,264 ✭✭✭mood


    So am I ok considering I didn't open the attachment? I'm using a mac.

    I deleted it and just got another!


  • Advertisement
  • Moderators, Motoring & Transport Moderators Posts: 11,744 Mod ✭✭✭✭devnull


    mood wrote: »
    So am I ok considering I didn't open the attachment? I'm using a mac.

    I deleted it and just got another!

    Long as you don't touch the attachment you'll be fine, even if you did you probbably will be as most of these viruses are designed foe Windows machines.

    There's another variant going around asking for people to reply to the email with their username and password rather than running a tool, obviously don't do this either.


  • Banned (with Prison Access) Posts: 34,567 ✭✭✭✭Biggins


    mood wrote: »
    So am I ok considering I didn't open the attachment? I'm using a mac.

    I deleted it and just got another!
    Are you opening the emails through a service on the net or downloading them using the likes of Microsoft Express Mail or similar?
    I ask because depending on what tool your using, there might be a filter system (you can adjust) and/or block ability for that email address, etc plus a "Report" function.


  • Registered Users, Registered Users 2 Posts: 4,264 ✭✭✭mood


    I usually log in via the e-mail providers website. However, I have a new mac and there is an e-mail application on it call 'mail' and a few times I opened it accidently with this. As a result most of my old e-mails from my e-mail account are now gone but are still in this 'mail' account!!! So, I can't delete the application as I'll loose all my old e-mails. There are a lot I need to keep.


  • Banned (with Prison Access) Posts: 34,567 ✭✭✭✭Biggins


    mood wrote: »
    I usually log in via the e-mail providers website. However, I have a new mac and there is an e-mail application on it call 'mail' and a few times I opened it accidently with this. As a result most of my old e-mails from my e-mail account are now gone but are still in this 'mail' account!!! So, I can't delete the application as I'll loose all my old e-mails. There are a lot I need to keep.
    The ones that you need to keep, can you not forward them to another email address of yours?


  • Registered Users, Registered Users 2 Posts: 4,264 ✭✭✭mood


    I suppose I could open a new account and do that.

    Is there any other way around it?

    Just got a third e-mail!!!


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,745 ✭✭✭swiss


    Biggins wrote:
    The sad part is that some will fall for it.
    Someone did fall for it.

    Now I have to clean up the mess.


  • Registered Users, Registered Users 2 Posts: 1,065 ✭✭✭Snowbat


    I've received 18 of these across 3 accounts so far. The first arrived yesterday around this time. The attachment utility.zip contains utility.exe.

    www.virustotal.com
    File utility.exe received on 2009.11.17 16:51:41 (UTC)
    Antivirus: Result
    a-squared: Trojan.Win32.Sasfis!IK
    AhnLab-V3: Win-Trojan/Malware.18944.J
    AntiVir: TR/Sasfis.vbw
    Authentium: W32/Trojan3.BNH
    Avast: Win32:Trojan-gen
    AVG: Dropper.Generic.BFIV
    BitDefender: Trojan.Sasfis.C
    CAT-QuickHeal: Trojan.Sasfis.vbw
    ClamAV: Trojan.Agent-128597
    DrWeb: Trojan.MulDrop.46275
    F-Prot: W32/Trojan3.BNH
    F-Secure: Trojan:W32/Sasfis.H
    GData: Trojan.Sasfis.C
    Ikarus: Trojan.Win32.Sasfis
    Kaspersky: Trojan.Win32.Sasfis.vbw
    McAfee+Artemis: Artemis!EEC53E223980
    McAfee-GW-Edition: Heuristic.LooksLike.Win32.NewMalware.B
    Microsoft: Trojan:Win32/Oficla.E
    NOD32: Win32/Oficla.BL
    PCTools: Trojan.Dropper
    Prevx: Medium Risk Malware Dropper
    Sophos: Mal/EncPk-LP
    Symantec: Trojan.Dropper
    TrendMicro: TROJ_AGENTT.WTRA
    VirusBuster: Trojan.Sasfis.AZT


Advertisement